[CVE-2008-2230] Arbitrary code execution by preparing module files in os.curdir
Bug #239124 reported by Till Ulen
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| reportbug (Debian) | Fix Released | Unknown | | |
| reportbug (Ubuntu) | Fix Released | Undecided | Daniel Hahler | |
| reportbug-ng (Debian) | Fix Released | Unknown | | |
| reportbug-ng (Ubuntu) | Won't Fix | Undecided | Unassigned | |
Bug Description
Binary package hint: reportbug
CVE-2008-2230 description:
"Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory."
http://
Debian reportbug bug: http://
Debian reportbug-ng bug: http://
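The mechanism behind the CVE, as an added example that is not part of this bug report or of reportbug's own code: the affected scripts did the equivalent of `sys.path.append(os.curdir)` (the 3.41 changelog below records its removal), so any module name the trusted locations failed to provide was resolved against whatever directory the user happened to run the tool from. The module name `reportbug_helper`, the two temporary directories and the marker payload are all constructed for the demonstration, and the lookup uses Python's own `importlib.machinery.FileFinder` over an explicit path list instead of mutating `sys.path`, so it runs offline and leaves the interpreter untouched.

```python
import importlib.util
import os
import shutil
import tempfile
import textwrap
from importlib.machinery import SOURCE_SUFFIXES, FileFinder, SourceFileLoader

# Hypothetical name of a module the victim program tries to import.
MODULE = "reportbug_helper"


def find_module(name, search_path):
    """Resolve `name` against an explicit list of path entries, in order, the
    way the import system walks sys.path. Returns the file that would be
    executed, or None if no entry provides the module."""
    for entry in search_path:
        # os.curdir is the relative string '.', which the importer resolves
        # against the process's working directory at import time, i.e. a
        # directory chosen by whoever ran the program, not by its author.
        finder = FileFinder(os.path.abspath(entry),
                            (SourceFileLoader, SOURCE_SUFFIXES))
        spec = finder.find_spec(name)
        if spec is not None and spec.origin:
            return spec.origin
    return None


def load_module(path):
    """Execute `path` as a module and return it. With an attacker-supplied
    path this step is the arbitrary code execution the CVE describes."""
    spec = importlib.util.spec_from_file_location(MODULE, path)
    module = importlib.util.module_from_spec(spec)
    spec.loader.exec_module(module)
    return module


def write_module(directory, body):
    """Drop a source file named after MODULE into `directory`."""
    with open(os.path.join(directory, MODULE + ".py"), "w") as fh:
        fh.write(textwrap.dedent(body))


def demo():
    """Stage a trusted install directory and an attacker-controlled working
    directory, then compare the vulnerable and the fixed search paths."""
    trusted = tempfile.mkdtemp(prefix="trusted-")      # stands in for /usr/share/reportbug
    attacker = tempfile.mkdtemp(prefix="shared-cwd-")  # e.g. /tmp or a shared project dir
    # Constructed payload: a harmless marker stands in for a real shell.
    write_module(attacker, """
        import os
        MARKER = "attacker module executed from " + os.getcwd()
    """)
    saved_cwd = os.getcwd()
    try:
        os.chdir(attacker)  # the victim runs the tool from the shared directory

        # Vulnerable: the script appended os.curdir to its search path.
        vuln_origin = find_module(MODULE, [trusted, os.curdir])
        vuln_marker = load_module(vuln_origin).MARKER if vuln_origin else None

        # Fixed (reportbug 3.41): only trusted locations are searched; a
        # missing module is an ImportError, not a hook for the current directory.
        fixed_origin = find_module(MODULE, [trusted])

        # Order matters only when both copies exist: an appended cwd never
        # shadows a module the trusted path provides, but it wins for every
        # name the trusted path lacks, which is all an attacker needs.
        write_module(trusted, "MARKER = 'trusted module'\n")
        shadowed_origin = find_module(MODULE, [trusted, os.curdir])
    finally:
        os.chdir(saved_cwd)
        shutil.rmtree(trusted)
        shutil.rmtree(attacker)
    return {
        "attacker_dir": attacker,
        "trusted_dir": trusted,
        "vulnerable_origin": vuln_origin,
        "vulnerable_marker": vuln_marker,
        "fixed_origin": fixed_origin,
        "origin_with_trusted_copy": shadowed_origin,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print("%-26s %s" % (key, value))
```

Running the block prints the attacker's file as `vulnerable_origin` together with the marker its code produced, `None` for the fixed search path, and the trusted copy once one exists. The practical check on a real program is the same: list the path entries it actually imports from (`python -c 'import sys; print(sys.path)'` run from an empty directory, plus any `sys.path` edits in the scripts) and treat every relative or user-writable entry as an injection point.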
Changed in reportbug: status: Unknown → Fix Released
Changed in reportbug-ng: status: Unknown → Fix Released
Changed in reportbug: assignee: nobody → blueyed; status: New → In Progress
Changed in reportbug-ng: status: New → Confirmed
This bug was fixed in the package reportbug - 3.41ubuntu1
---------------
reportbug (3.41ubuntu1) intrepid; urgency=low
* Merge from Debian unstable. Remaining Ubuntu specific changes:
- reportbug.conf:
  - "bts ubuntu"
  - "smtphost fiordland.ubuntu.com": Added the fiordland.ubuntu.com SMTP server in reportbug.conf so that reportbug works without a MTA.
- reportbug_submit.py: only display ubuntu-users specific message if BTS "ubuntu" is used in send_report.
- reportbug.1: mention Ubuntu specific changes (LP: #163924)
* Fixes LP: #239124, #204009
reportbug (3.41) unstable; urgency=high
[ Sandro Tosi ]
* Security bugfix release, hence urgency is set to high
* querybts, reportbug_submit.py
- os.curdir is not added to sys.path anymore, thanks to Thomas Arendsen
Hein <email address hidden> for the report; Fixes: CVE-2008-2230;
Closes: #484311
[ Chris Lawrence ]
* debian/control
- Added self to Uploaders
- Set Maintainer to new list on alioth.
[ Y Giridhar Appaji Nag ]
* debianbts.py
- Remove kde, ximian (and helixcode) and mandriva, they use bugzilla
- Remove grml, they use roundup
* --body-file doesn't allow preview of report, don't suggest using it with saved files. Thanks Shai Berger <email address hidden> for the bug report (Closes: #484245)
* remove calls to sys.path.append('/usr/share/reportbug') from reportbug
reportbug (3.40) unstable; urgency=low
[ Sandro Tosi ]
* debian/control
- added Giridhar and me to Uploaders
- added "DM-Upload-Allowed: yes"
- bump Standards-Version to 3.7.3
- moved python-central to Build-Depends-Indep and version bump to >= 0.5.14
- updated Conflicts with python-central version lower than 0.5.13 (Closes: #418166)
- added Vcs-{Svn,Browser} fields
- added Homepage field
* debian/copyright
- clear separation of author, copyright and license notices
* debian/menu
- section updated to "Applications/System/Administration"
* debian/rules
- removed export DH_COMPAT
- now using binary-indep since it's an arch: all package
- doesn't remove 'test' dir anymore, since now it's used for unittests files
* debian/compat
- added with value = 5
* reportbug.conf.5, po4a/add_fr/{reportbug.add,querybts.add}
- escaped minus sign to be a hyphen
* reportbug.ja.1
- fixed some formatting errors
* debianbts.py
- added 'nm.debian.org' pseudo-package, Giridhar's patch (Closes: #478414)
- removed Gnome BTS from bugs forward; Giridhar's patch (Closes: #439351)
- removed [cruft-report] option from ftp.debian.org RM template; Giridhar's patch (Closes: #474970)
- reintroduced 'kernel' pseudo-package, but just to fall back to 'linux-image' (Closes: #423197)
- added 'wiki.debian.org', 'release.debian.org' and 'spam' pseudo-packages
* reportbug.py
- uses dpkg when dlocate can't find the package's file (Closes: #429824,
#422369, #322983, #408834)
* reportbug.el
- applied patch to let Gnus work; thanks to Håkon Stordahl for it (Closes:
#227153)
* reportbug
- explained how to reuse a saved fil...